Ken Thompson, one of the original creators of UNIX, discusses in Reflections on trusting trust a number of steps he took that managed to render source code useless for revealing a security issue.

First, he patched the login command to contain a back door that would let him log into any UNIX system with a certain password.

He then patched the C compiler to detect whenever the login command was being compiled. The C compiler would automatically insert the back door into the login program, so there was no need to keep the back door in the source of the login command.

Then, he modified the C compiler to detect when the C compiler itself was compiled from source and to automatically add the login-detection-and-patching code as well as the C-compiler-detection-and-patching code.

The result was a system where the source code did not contain any trace of a backdoor.

hamei wrote:Then, he modified the C compiler to detect when the C compiler itself was compiled from source and to automatically add the login-detection-and-patching code as well as the C-compiler-detection-and-patching code.

So the entire thing falls apart if you switch to another compiler. Obviously not an option back in the day when the entire UNIX tool chain pretty much came from him, but nowadays that would be rough to pull off

VenomousPinecone wrote:So true, but I would imagine most production linux systems (what TFA was talking aboot) would only have gcc.

Actually, the hack described long predates Linux and gcc... these are the old, original Unix systems from pre-breakup AT&T which ran on PDP11's and the like, before 1984. gcc didn't exist until 1987, and Linus Torvalds started working on Linux in 1991.